URL: https://portal.shedrx.com/
Submission Tags: falconsandbox
Submission: On September 25 via api from US — Scanned from CA

Summary

This website contacted 30 IPs in 3 countries across 25 domains to perform 54 HTTP transactions. The main IP is 199.36.158.100, located in United States and belongs to FASTLY, US. The main domain is portal.shedrx.com. The Cisco Umbrella rank of the primary domain is 235541.
TLS certificate: Issued by WR3 on August 15th 2024. Valid for: 3 months.
This is the only time portal.shedrx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 199.36.158.100 54113 (FASTLY)
1 142.250.65.170 15169 (GOOGLE)
2 142.250.65.232 15169 (GOOGLE)
1 146.75.36.157 54113 (FASTLY)
2 151.101.193.140 54113 (FASTLY)
2 157.240.241.1 32934 (FACEBOOK)
6 23.44.111.19 20940 (AKAMAI-ASN1)
1 18.238.55.31 16509 (AMAZON-02)
1 3.230.88.247 14618 (AMAZON-AES)
1 38.70.189.71 399647 (RUMBLE)
1 35.227.195.169 15169 (GOOGLE)
2 151.101.129.140 54113 (FASTLY)
2 162.159.140.229 13335 (CLOUDFLAR...)
2 104.244.42.131 13414 (TWITTER)
2 216.239.34.181 15169 (GOOGLE)
1 142.251.111.155 15169 (GOOGLE)
3 142.250.80.66 15169 (GOOGLE)
1 2 142.251.40.194 15169 (GOOGLE)
3 142.250.65.195 15169 (GOOGLE)
1 34.117.119.152 396982 (GOOGLE-CL...)
1 34.200.199.253 14618 (AMAZON-AES)
2 172.67.205.45 13335 (CLOUDFLAR...)
4 31.13.71.36 32934 (FACEBOOK)
1 108.139.29.13 16509 (AMAZON-02)
1 2 142.250.72.100 15169 (GOOGLE)
1 108.139.29.91 16509 (AMAZON-02)
1 142.250.80.35 15169 (GOOGLE)
1 18.173.219.75 16509 (AMAZON-02)
1 142.250.80.34 15169 (GOOGLE)
54 30
Apex Domain
Subdomains
Transfer
6 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
td.doubleclick.net — Cisco Umbrella Rank: 216
googleads.g.doubleclick.net — Cisco Umbrella Rank: 53
3 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 821
140 KB
6 shedrx.com
portal.shedrx.com — Cisco Umbrella Rank: 235541
2 MB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 112
5 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 158
www.google.com — Cisco Umbrella Rank: 3
88 B
3 google.ca
www.google.ca — Cisco Umbrella Rank: 10961
191 B
2 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1391
159 KB
2 stape.biz
capig.stape.biz — Cisco Umbrella Rank: 44683
1 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1133
1 KB
2 t.co
t.co — Cisco Umbrella Rank: 857
1 KB
2 reddit.com
pixel-config.reddit.com — Cisco Umbrella Rank: 2277
alb.reddit.com — Cisco Umbrella Rank: 1488
761 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 196
152 KB
2 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1249
13 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
203 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 99
2 KB
1 openfpcdn.io
openfpcdn.io — Cisco Umbrella Rank: 20189
14 KB
1 gstatic.com
fonts.gstatic.com
32 KB
1 spn.so
spn.so — Cisco Umbrella Rank: 79800
6 KB
1 shm2idjl.com
www.shm2idjl.com
9 KB
1 trackdesk.com
cdn.trackdesk.com — Cisco Umbrella Rank: 215322
7 KB
1 rmbl.ws
a.ads.rmbl.ws — Cisco Umbrella Rank: 26569
2 KB
1 upfluence.co
tracking.upfluence.co — Cisco Umbrella Rank: 77951
2 KB
1 mfmcdn.com
mfmcdn.com
2 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 989
15 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
54 25
Domain Requested by
6 analytics.tiktok.com portal.shedrx.com
analytics.tiktok.com
6 portal.shedrx.com portal.shedrx.com
4 www.facebook.com portal.shedrx.com
3 www.google.ca portal.shedrx.com
3 td.doubleclick.net www.googletagmanager.com
2 www.google.com 1 redirects portal.shedrx.com
2 js.stripe.com portal.shedrx.com
js.stripe.com
2 capig.stape.biz connect.facebook.net
portal.shedrx.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 analytics.google.com www.googletagmanager.com
portal.shedrx.com
2 analytics.twitter.com portal.shedrx.com
2 t.co portal.shedrx.com
2 connect.facebook.net portal.shedrx.com
connect.facebook.net
2 www.redditstatic.com www.googletagmanager.com
www.redditstatic.com
2 www.googletagmanager.com portal.shedrx.com
www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 openfpcdn.io spn.so
1 fonts.gstatic.com fonts.googleapis.com
1 spn.so tracking.upfluence.co
1 www.shm2idjl.com mfmcdn.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 alb.reddit.com portal.shedrx.com
1 pixel-config.reddit.com www.redditstatic.com
1 cdn.trackdesk.com www.googletagmanager.com
1 a.ads.rmbl.ws www.googletagmanager.com
1 tracking.upfluence.co www.googletagmanager.com
1 mfmcdn.com portal.shedrx.com
1 static.ads-twitter.com www.googletagmanager.com
1 fonts.googleapis.com portal.shedrx.com
54 29

This site contains no links.

Subject | Issuer | Validity | Valid
affiliate.shedrx.com | WR3 | 2024-08-15 - 2024-11-13 | 3 months
upload.video.google.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
*.google-analytics.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
ads-twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-06-25 - 2025-06-24 | a year
www.redditstatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-05-23 - 2024-11-18 | 6 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-07-04 - 2024-10-02 | 3 months
*.tiktok.com | RapidSSL TLS ECC CA G1 | 2024-07-15 - 2025-07-15 | a year
mfmcdn.com | Amazon RSA 2048 M03 | 2024-01-06 - 2025-02-03 | a year
*.upfluence.co | Amazon RSA 2048 M02 | 2024-09-12 - 2025-10-10 | a year
a.ads.rmbl.ws | E6 | 2024-08-12 - 2024-11-10 | 3 months
trackdesk.com | R11 | 2024-07-29 - 2024-10-27 | 3 months
*.reddit.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-05-30 - 2024-11-26 | 6 months
t.co | E6 | 2024-07-31 - 2024-10-29 | 3 months
*.twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-11-07 - 2024-11-05 | a year
*.google.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
*.g.doubleclick.net | WR2 | 2024-08-26 - 2024-11-18 | 3 months
*.doubleclick.net | WR2 | 2024-08-26 - 2024-11-18 | 3 months
*.google.ca | WR2 | 2024-08-26 - 2024-11-18 | 3 months
shm2idjl.com | Starfield Secure Certificate Authority - G2 | 2024-05-01 - 2025-03-04 | 10 months
spn.so | Amazon RSA 2048 M02 | 2024-03-13 - 2025-04-11 | a year
capig.stape.biz | WE1 | 2024-08-26 - 2024-11-24 | 3 months
a.stripecdn.com | DigiCert SHA2 Extended Validation Server CA | 2024-08-29 - 2024-12-05 | 3 months
*.gstatic.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
openfpcdn.io | Amazon RSA 2048 M02 | 2023-12-27 - 2025-01-25 | a year
*.googleadservices.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months

This page contains 5 frames:

Primary Page: https://portal.shedrx.com/
Frame ID: 2D7CB1814C9C3B08F794F881913511D1
Requests: 110 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-48VEXHF084&gacid=947641375.1727263438&gtm=45je49n0v9100008465z89170879507za200zb9170879507&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035&z=994925888
Frame ID: 94936C4222DE124A9D21FC326C113F57
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11094978572?random=1727263437905&cv=11&fst=1727263437905&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465z89170879507za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2F&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: CF7BC6C89EF599564BDFAA47C47C8AE5
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
Frame ID: 31AFFA4AE7674C5BBC0EFE95D68CC17C
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/11094978572?random=1727263439686&cv=11&fst=1727263439686&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Flogin%3Fredirect%3D%2F&label=fgkJCJ_PjusYEIzgv6op&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0
Frame ID: AAE2F4BE00ADA90DDC5650A90FE800D2
Requests: 1 HTTP requests in this frame

Page Title

ShedRx

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

54 Requests
98 % HTTPS
0 % IPv6
25 Domains
29 Subdomains
30 IPs
3 Countries
2647 kB Transfer
11525 kB Size
19 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 111
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11094978572/?random=1994913384&cv=11&fst=1727263439686&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Flogin%3Fredirect%3D%2F&label=fgkJCJ_PjusYEIzgv6op&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMItrmK3v3diAMV0DmICR2oxjhtMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3BvcnRhbC5zaGVkcnguY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/11094978572/?random=1994913384&cv=11&fst=1727263439686&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Flogin%3Fredirect%3D%2F&label=fgkJCJ_PjusYEIzgv6op&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMItrmK3v3diAMV0DmICR2oxjhtMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3BvcnRhbC5zaGVkcnguY29tLw&is_vtc=1&cid=CAQSKQDpaXnfmHiwdvF6V26-io8uglD1WThzKNR5mU_FKTzeTkRhRUQprcbi&random=311794432 HTTP 302
  • https://www.google.ca/pagead/1p-conversion/11094978572/?random=1994913384&cv=11&fst=1727263439686&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Flogin%3Fredirect%3D%2F&label=fgkJCJ_PjusYEIzgv6op&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMItrmK3v3diAMV0DmICR2oxjhtMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3BvcnRhbC5zaGVkcnguY29tLw&is_vtc=1&cid=CAQSKQDpaXnfmHiwdvF6V26-io8uglD1WThzKNR5mU_FKTzeTkRhRUQprcbi&random=311794432&ipr=y

54 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
portal.shedrx.com/
4 KB
1 KB
Document
General
Full URL
https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9ed8df7cd8ba1cfc3f4bbc00ea4fbddf32980361ec225e3d90ee388e3528db01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
991
content-security-policy
frame-ancestors 'self';
content-type
text/html; charset=utf-8
date
Wed, 25 Sep 2024 11:23:57 GMT
etag
"3818d825d87cecdecf61446244d749e93da1b0b6a6e7035eff1f89e8ade68c1a-br"
last-modified
Fri, 20 Sep 2024 21:21:50 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4563-YYZ
x-timer
S1727263437.310409,VS0,VE48
css2
fonts.googleapis.com/
32 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
ESF /
Resource Hash
51698055502813cd29205292dfcb7517bd803cf9deb22e21d06bd24fb3bcdf4b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 25 Sep 2024 11:23:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 25 Sep 2024 10:59:20 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-montserrat.js
portal.shedrx.com/
257 KB
90 KB
Script
General
Full URL
https://portal.shedrx.com/font-montserrat.js
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f6dcc229220c6fd335437bf541992d780989252e5d712bb07aa4fdd7949e3b13
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portal.shedrx.com
Referer
https://portal.shedrx.com/

Response headers

content-encoding
br
etag
"238d2e40f09d3103ef1deb20ce7ca6b80645482fdc808155a6bdac114c2578e2-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 21:21:50 GMT
x-served-by
cache-yyz4563-YYZ
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
strict-transport-security
max-age=31556926
content-security-policy
frame-ancestors 'self';
cache-control
max-age=3600
x-timer
S1727263437.387101,VS0,VE3
accept-ranges
bytes
content-length
91946
index-cf7f9fa6.js
portal.shedrx.com/assets/
7 MB
2 MB
Script
General
Full URL
https://portal.shedrx.com/assets/index-cf7f9fa6.js
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d1a8c17e10d59e15a0324786c2872e44135224b8d8808d6044bc777fda1742d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portal.shedrx.com
Referer
https://portal.shedrx.com/

Response headers

content-encoding
br
etag
"49afcec0991fc28f4ba64c0364da25ed902f4d9909d5684a40ef56a21eead1ce-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
MISS
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
text/javascript; charset=utf-8
last-modified
Fri, 20 Sep 2024 21:21:50 GMT
x-served-by
cache-yyz4563-YYZ
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
strict-transport-security
max-age=31556926
content-security-policy
frame-ancestors 'self';
cache-control
max-age=3600
x-timer
S1727263437.387075,VS0,VE287
accept-ranges
bytes
content-length
1794373
index-7b57e8c6.css
portal.shedrx.com/assets/
58 KB
9 KB
Stylesheet
General
Full URL
https://portal.shedrx.com/assets/index-7b57e8c6.css
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b57e8c65d920a5318ad12d3145ee8159a2b81a075a1e26f2a80306310143eb4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
br
etag
"070722776a0a955b030b898a60e0d05c41eb0f2def93de2f171a5cf78055efd3-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
text/css; charset=utf-8
last-modified
Fri, 20 Sep 2024 21:21:50 GMT
x-served-by
cache-yyz4563-YYZ
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
strict-transport-security
max-age=31556926
content-security-policy
frame-ancestors 'self';
cache-control
max-age=3600
x-timer
S1727263437.386741,VS0,VE1
accept-ranges
bytes
content-length
8660
gtm.js
www.googletagmanager.com/
253 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NWNT4792
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c9a91b7f99c03e16b16429635c555ae3e1d27dd04e3515fedca84dccd57d8f73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
br
expires
Wed, 25 Sep 2024 11:23:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 25 Sep 2024 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
84960
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
366 KB
120 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWNT4792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e27a3206cf77abfdd8922bba5dd2a275625151b377ce3f5b62182a9e9106f933
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Wed, 25 Sep 2024 11:23:57 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122477
date
Wed, 25 Sep 2024 11:23:57 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWNT4792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.36.157 Reston, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"bbbcf811d8437a575d796a4c1e5d4fad+gzip"
accept-ranges
bytes
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15412
date
Wed, 25 Sep 2024 11:23:57 GMT
x-tw-cdn
FT
last-modified
Fri, 15 Mar 2024 03:07:08 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kcgs7200036-IAD
x-amz-server-side-encryption
AES256
pixel.js
www.redditstatic.com/ads/
42 KB
13 KB
Script
General
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWNT4792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1593b1f5bf86a2bec3f93142409030a64591d1b6415faaedd0c251dd924d0288

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
etag
"bed9b675380c07edc84c03d0f362b192"
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
content-length
12103
date
Wed, 25 Sep 2024 11:23:57 GMT
last-modified
Mon, 23 Sep 2024 17:14:22 GMT
content-type
application/javascript
vary
Accept-Encoding,Origin
server
snooserv
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
225 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
68fdc316e5a11d1e2430511eaf2b62d8a1b8de21814924a567473ecb3c4b4fae
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=23, mss=1232, tbw=4468, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
KNw6Sdu7TIbYk3hFrkETdG4TNGD3qxssVRu7APAxLFT+ZNKCeUOLJqVNQermw5bxXL7Ordgan3QlpZxo0Aq5sw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58975
x-xss-protection
0
events.js
analytics.tiktok.com/i18n/pixel/
6 KB
3 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLANBRBC77U9VFIVOEA0&lib=ttq
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-19.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b5b1d185235adfcad879d59215fcdcef505424484ac6658964a420b90036ee0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
gzip
expires
Wed, 25 Sep 2024 11:23:57 GMT
server-timing
inner; dur=5, cdn-cache; desc=MISS, edge; dur=2, origin; dur=14
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-akamai-request-id
177b7aa4
x-tt-trace-host
010fc4a98d3060c9f26273ece19d3d7a56f20f4420886c57dd7e834329c39c1233bcb5ab34f77fe3109c372a37ea2c50ce2efa784ddac2ab4fc111a0e990bf377857fd780e8b60841b24d9567db8ab4d934ce7c40ab3a3fd6140d20b3895746790
x-origin-response-time
15,23.44.200.156
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240925112357C0074B1EC3DDECAF9552-5B01AD7D547C4312-00
content-length
2246
x-tt-logid
20240925112357C0074B1EC3DDECAF9552
server
nginx
intels.js
mfmcdn.com/
9 KB
2 KB
Script
General
Full URL
https://mfmcdn.com/intels.js
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.55.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-55-31.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cd4299871851c28d7786adddb7ae073e98362f62e2e892bb84c709b1528ea4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
gzip
etag
W/"22ebe31a9327cf72d4b6e836fb238e91"
age
70935
via
1.1 1f1744cc287fbe3723d548ac02f36c6a.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
dCY86rqxtiiyr5EH61trVdW93_2ZSrMouxhpOkctrCZH8O3O2GD2qg==
date
Tue, 24 Sep 2024 16:01:18 GMT
content-type
text/javascript
last-modified
Wed, 14 Aug 2024 00:12:35 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P4
vary
Accept-Encoding
init-b27a436f-8f5d-4e47-aa04-66b106226e66.js
tracking.upfluence.co/js/v1/
1 KB
2 KB
Script
General
Full URL
https://tracking.upfluence.co/js/v1/init-b27a436f-8f5d-4e47-aa04-66b106226e66.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWNT4792
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.230.88.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-88-247.compute-1.amazonaws.com
Software
/
Resource Hash
a4675a265f4a2b673525cbb0bbf3ad3480310ca8bff9be6be83c9b71343b8e94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

X-Upfluence-Version
v0.1.43
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,OPTIONS,DELETE
X-Upfluence-Unit-Name
api-public-deployment-65cf4dffcc-tdm85
Access-Control-Allow-Origin
https://portal.shedrx.com
Content-Length
1456
Date
Wed, 25 Sep 2024 11:23:57 GMT
Content-Type
application/javascript
Access-Control-Allow-Headers
X-UPF-Fingerprint,X-UPF-VisitorUUID,X-UPF-Confidence,User-Agent,Content-Type
ratag
a.ads.rmbl.ws/
3 KB
2 KB
Script
General
Full URL
https://a.ads.rmbl.ws/ratag?id=AV-30009
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWNT4792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.70.189.71 Toronto, Canada, ASN399647 (RUMBLE, US),
Reverse DNS
Software
nginx /
Resource Hash
706e4b2b1a0b48a95a2468ed5bbd10ea6cb9874aff64afd280e979c2f141cb0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
public, max-age=900
content-encoding
gzip
etag
W/"b467be32e4974b38f38aeb3d9a695138"
access-control-allow-credentials
true
access-control-allow-origin
*
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
application/javascript; charset=UTF-8
server
nginx
tracking.js
cdn.trackdesk.com/
7 KB
7 KB
Script
General
Full URL
https://cdn.trackdesk.com/tracking.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWNT4792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.195.169 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
169.195.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1fd8f65871ebd2b8b0e410a6e3b012b66e0964f66e57710c197964154c11db63

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=dI/Mzg==, md5=y+zd/6jauYxsoiv4yBJsYQ==
etag
"cbecddffa8dab98c6ca22bf8c8126c61"
age
293
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
6963
date
Wed, 25 Sep 2024 11:19:04 GMT
last-modified
Mon, 27 May 2024 14:11:16 GMT
content-type
application/javascript
x-guploader-uploadid
AD-8ljvh_q6gNi6EFTnrs0C3ioJdONbbmVJvKyjN6Ytn4mKeR8RjflKxCCb3k7C2uHzCHE9qNC6JGLfr-Q
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1716819076306668
content-length
6963
server
UploadServer
config
pixel-config.reddit.com/pixels/a2_e8osqm9zpc0m/
3 B
124 B
XHR
General
Full URL
https://pixel-config.reddit.com/pixels/a2_e8osqm9zpc0m/config
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
27
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
application/json
a2_e8osqm9zpc0m_telemetry
www.redditstatic.com/ads/conversions-config/v1/pixel/config/
86 B
699 B
XHR
General
Full URL
https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/a2_e8osqm9zpc0m_telemetry
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
max-age=300
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding
gzip
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
97
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
application/json
vary
Accept-Encoding,Origin
server
snooserv
rp.gif
alb.reddit.com/
42 B
637 B
Image
General
Full URL
https://alb.reddit.com/rp.gif?ts=1727263437729&id=a2_e8osqm9zpc0m&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=9aea3d0b-91d5-459d-ac7f-d3dff268fb6a&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_5afed25b&dpm=&dpcc=&dprc=
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after
0
cross-origin-resource-policy
cross-origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via
1.1 varnish
accept-ranges
bytes
content-length
42
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
image/gif
server
Varnish
1356287765275427
connect.facebook.net/signals/config/
308 KB
94 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1356287765275427?v=2.9.167&r=stable&domain=portal.shedrx.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.241.1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-lga3.fbcdn.net
Software
/
Resource Hash
b7e3d18646a8e869580067834114b3d14bf25049744a7bc8fea6a12ebaf4cc19
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=33, rtx=0, c=74, mss=1232, tbw=67108, tp=62, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
xxhrVpfJeNBxfxUUHCcfZTJ9eCa7kC+HJmtftCur8q49dPXezbXe+zkct4regmgdztHk7x7LnPID23tAmH71tw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
96231
x-xss-protection
0
adsct
t.co/1/i/
43 B
469 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=d4b9a76a-dbac-4ac0-bdd4-98e0b462e7b2&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=1b6493f9-1ba1-4e05-973a-c1559b4e2d3e&tw_document_href=https%3A%2F%2Fportal.shedrx.com%2F&tw_iframe_status=0&txn_id=oju2f&type=javascript&version=2.3.30
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
40a476599359d063
cache-control
no-cache, no-store, max-age=0
x-connection-hash
f18add6d50b73a8331d742fc0af66839d21e01058cc192cf5785f22ef39df06d
cf-cache-status
DYNAMIC
cf-ray
8c8aa52698cd36a9-YYZ
x-response-time
80
content-length
43
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/
43 B
726 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=d4b9a76a-dbac-4ac0-bdd4-98e0b462e7b2&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=1b6493f9-1ba1-4e05-973a-c1559b4e2d3e&tw_document_href=https%3A%2F%2Fportal.shedrx.com%2F&tw_iframe_status=0&txn_id=oju2f&type=javascript&version=2.3.30
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
3d89259a6b348a78
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c59abd4965a58309145a0b728b8e5a5d4e86351b7124c81dc4953dbc69a8ccaa
x-response-time
8
content-length
43
date
Wed, 25 Sep 2024 11:23:57 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
adsct
t.co/1/i/
43 B
628 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=4&event=%7B%7D&event_id=444a58fb-eb01-4d09-a8ef-4edddd9a69c4&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=1b6493f9-1ba1-4e05-973a-c1559b4e2d3e&tw_document_href=https%3A%2F%2Fportal.shedrx.com%2F&tw_iframe_status=0&txn_id=tw-oju2f-onhrp&type=javascript&version=2.3.30
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

strict-transport-security
max-age=0
x-transaction-id
5304fc888be9e333
cache-control
no-cache, no-store, max-age=0
x-connection-hash
e395de557ced2a809fa224077350efb2613377909e3e159367d130b2381cf59c
cf-cache-status
DYNAMIC
cf-ray
8c8aa52698cf36a9-YYZ
x-response-time
10
content-length
43
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_b
adsct
analytics.twitter.com/1/i/
43 B
545 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=4&event=%7B%7D&event_id=444a58fb-eb01-4d09-a8ef-4edddd9a69c4&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=1b6493f9-1ba1-4e05-973a-c1559b4e2d3e&tw_document_href=https%3A%2F%2Fportal.shedrx.com%2F&tw_iframe_status=0&txn_id=tw-oju2f-onhrp&type=javascript&version=2.3.30
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
84aa86c5e4ded51f
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c59abd4965a58309145a0b728b8e5a5d4e86351b7124c81dc4953dbc69a8ccaa
x-response-time
15
content-length
43
date
Wed, 25 Sep 2024 11:23:57 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_b
main.MWE3ZGFjMzZkMQ.js
analytics.tiktok.com/i18n/pixel/static/
341 KB
95 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLANBRBC77U9VFIVOEA0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-19.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e1e974a52d761bcb9565a46c2d95969a20e37db16eb5fa4101524737f9330a12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

x-cache
TCP_HIT from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=17
x-tt-trace-id
00-24092412502376F455EA73A71D58B060-19C5629AA416888F-00
content-length
97005
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
2024092412502376F455EA73A71D58B060
server
nginx
x-akamai-request-id
177b7add
x-tt-trace-host
01e31704db4a59ee24d4c6908ae7c42b3b3eea2d3c6976f8539c5e63d7bb3bacc871d2b9d0b4b0cf506d7e71bbc5764ec6cc016818ed5acffef82c74eba65856bb10738cc7bc1176fecfb0fb3512f105f9abc589e4a9712b354c01cf0e84e2853a
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-48VEXHF084&gtm=45je49n0v9100008465z89170879507za200zb9170879507&_p=1727263437401&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=947641375.1727263438&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1727263437&sct=1&seg=0&dl=https%3A%2F%2Fportal.shedrx.com%2F&dt=ShedRx&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=634
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://portal.shedrx.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-48VEXHF084&cid=947641375.1727263438&gtm=45je49n0v9100008465z89170879507za200zb9170879507&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.155 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://portal.shedrx.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 25 Sep 2024 11:23:57 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 9493
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-48VEXHF084&gacid=947641375.1727263438&gtm=45je49n0v9100008465z89170879507za200zb9170879507&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035&z=994925888
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.shedrx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Sep 2024 11:23:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11094978572/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11094978572/?random=1727263437905&cv=11&fst=1727263437905&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465z89170879507za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2F&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
b06a2874e75ae8b6e84593dbde6365ccd28c73fa16fed3424c08449a46b8e518
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2315
date
Wed, 25 Sep 2024 11:23:58 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
11094978572
td.doubleclick.net/td/rul/ Frame CF7B
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/11094978572?random=1727263437905&cv=11&fst=1727263437905&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465z89170879507za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2F&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.shedrx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Sep 2024 11:23:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.ca/ads/
42 B
63 B
Image
General
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-48VEXHF084&cid=947641375.1727263438&gtm=45je49n0v9100008465z89170879507za200zb9170879507&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101671035&tag_exp=101671035&z=588604882
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 25 Sep 2024 11:23:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
everflow.js
www.shm2idjl.com/scripts/sdk/
31 KB
9 KB
Script
General
Full URL
https://www.shm2idjl.com/scripts/sdk/everflow.js
Requested by
Host: mfmcdn.com
URL: https://mfmcdn.com/intels.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.119.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.119.117.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
30a054a4a58eca22a03b4a42a4dd0f20e2b8b0d2849f40b0efc882a9649e68c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
max-age=14400
content-encoding
gzip
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
via
1.1 google
x-eflow-request-id
3c3d4222-abdc-4558-88b0-5a9d0fe67977
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 11:23:58 GMT
content-type
text/javascript
vary
Origin
server
nginx
app-b27a436f-8f5d-4e47-aa04-66b106226e66.js
spn.so/js/v1/
5 KB
6 KB
Script
General
Full URL
https://spn.so/js/v1/app-b27a436f-8f5d-4e47-aa04-66b106226e66.js?28
Requested by
Host: tracking.upfluence.co
URL: https://tracking.upfluence.co/js/v1/init-b27a436f-8f5d-4e47-aa04-66b106226e66.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.199.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-199-253.compute-1.amazonaws.com
Software
/
Resource Hash
9b14ef5787da79eb84fd317a6fac3f88cc51324d34253a68755a0d7134a90551

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

Transfer-Encoding
chunked
X-Upfluence-Version
v0.1.43
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,OPTIONS,DELETE
X-Upfluence-Unit-Name
api-public-deployment-65cf4dffcc-tdm85
Access-Control-Allow-Origin
https://portal.shedrx.com
Date
Wed, 25 Sep 2024 11:23:59 GMT
Content-Type
application/javascript
Access-Control-Allow-Headers
X-UPF-Fingerprint,X-UPF-VisitorUUID,X-UPF-Confidence,User-Agent,Content-Type
267a46e534866870240f1ee2939fc65847584c99a987957059e8c3be1b572580
capig.stape.biz/events/
0
619 B
XHR
General
Full URL
https://capig.stape.biz/events/267a46e534866870240f1ee2939fc65847584c99a987957059e8c3be1b572580
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1356287765275427?v=2.9.167&r=stable&domain=portal.shedrx.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://portal.shedrx.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nQgbr39scxlxodI3fe1dNJkfpo0pt3p2DYll99EharMOG2JsgiTijPmU9Y%2Fr%2Br3lgbbpS84Lc%2FC61lDbqO%2BJAMZVWDgRbDaJdm0KFTRX5YwB91CvoPQLpMv5EdT8T3r7iE%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8c8aa5281eebab18-YYZ
access-control-allow-origin
https://portal.shedrx.com
content-length
0
date
Wed, 25 Sep 2024 11:23:58 GMT
vary
origin
server
cloudflare
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1356287765275427&ev=PageView&dl=https%3A%2F%2Fportal.shedrx.com%2F&rl=&if=false&ts=1727263438035&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1727263438026.94871316832143286&eid=ob3_plugin-set_81f9112cd65ca290ec04dcaf5601cfcc311097fc66f523b072cf6f72c19cab05&cs_est=true&ler=empty&cdl=API_unavailable&it=1727263437781&coo=false&rqm=GET
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1316, tbw=2839, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 25 Sep 2024 11:23:58 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
4 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1356287765275427&ev=PageView&dl=https%3A%2F%2Fportal.shedrx.com%2F&rl=&if=false&ts=1727263438035&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=4126&fbp=fb.1.1727263438026.94871316832143286&eid=ob3_plugin-set_81f9112cd65ca290ec04dcaf5601cfcc311097fc66f523b072cf6f72c19cab05&cs_est=true&ler=empty&cdl=API_unavailable&it=1727263437781&coo=false&rqm=FGET
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7418539979446289189"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7418539979446289189"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0c017762ac128517","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:24002125052769521","7830:24002125052769521","10853:24002125052769521","41:24002125052769521","8046:24002125052769521"]},"debug_reporting":true,"debug_key":"4122748254965299169"}
date
Wed, 25 Sep 2024 11:23:58 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
aj8JvnIGaMdqlgLRsLEemFqoEqwfzL1h8YFet6rZlS2r5EigMfxOdDitM+0S/3EI7QQhx4S4/OUkWHpbJFjx1g==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7418539979446289189", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=14, mss=1316, tbw=3157, tp=-1, tpl=-1, uplat=31, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
identify_7bf75739.js
analytics.tiktok.com/i18n/pixel/static/
146 KB
39 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-19.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

x-cache
TCP_MEM_HIT from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
vary
Accept-Encoding
cache-control
public, max-age=31536000, immutable
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=11
x-tt-trace-id
00-2408300225247191E1B46E3CA2659920-6980FBE3FDD4116B-00
content-length
39551
date
Wed, 25 Sep 2024 11:23:58 GMT
content-type
application/javascript; charset=UTF-8
x-tt-logid
202408300225247191E1B46E3CA2659920
server
nginx
x-akamai-request-id
177b7b96
x-tt-trace-host
01b8984c511c26376dc0fc45f78ebe9a41c2fd65eebebca84879db3023830106eaa375a54172cbc919d360ae7a5928dc940faf0928b144bde7fb20ac260166e6e7347199ade633aaf56bbe5c0192137bf4b162f883b3c93d66f9bfca032841da1f
pixel
analytics.tiktok.com/api/v2/
0
719 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-19.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://portal.shedrx.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 25 Sep 2024 11:23:58 GMT
server-timing
inner; dur=22, cdn-cache; desc=MISS, edge; dur=8, origin; dur=32
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 25 Sep 2024 11:23:58 GMT
x-akamai-request-id
177b7b9f
access-control-allow-headers
Authorization,*
x-tt-trace-host
010fc4a98d3060c9f26273ece19d3d7a56f20f4420886c57dd7e834329c39c123342ad8997aae24a1596b8d5a47a02cbacc6620172a1ed77725ea8f25765a6add5bf9216d746a95ee2a36bfcad0e355bcf95b92ce7d35922d1cda541d1373a59e3
x-origin-response-time
33,23.44.200.156
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-240925112358A76FCFFFF526CCCBB49F-48B8B53115CA4302-00
content-length
0
x-tt-logid
20240925112358A76FCFFFF526CCCBB49F
server
nginx
v3
js.stripe.com/
655 KB
159 KB
Script
General
Full URL
https://js.stripe.com/v3
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/assets/index-cf7f9fa6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-13.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
02959b6821696c21598ce6ec968c6276471b688bb6bf177013b1b8fdb6f56339
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
br
etag
W/"2c76ac99816397a1d7d79a37d0f103ff"
age
23
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
jWOweTxlf4Kme_swdaowGM3C8uvYmtVdz4fefMOJ6KcktOkTCRMI9w==
date
Wed, 25 Sep 2024 11:23:58 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 25 Sep 2024 00:06:30 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31556926; includeSubDomains; preload
cache-control
max-age=60
timing-allow-origin
*
via
1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK50-P2
server
Cloudfront
/
www.google.com/pagead/1p-user-list/11094978572/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11094978572/?random=1727263437905&cv=11&fst=1727262000000&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465z89170879507za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2F&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfOvnEIFoHmGHKLF597-_2gENvl2BLpA&random=2282485716&rmt_tld=0&ipr=y
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.100 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 25 Sep 2024 11:23:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/11094978572/
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-user-list/11094978572/?random=1727263437905&cv=11&fst=1727262000000&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465z89170879507za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2F&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDpaXnfOvnEIFoHmGHKLF597-_2gENvl2BLpA&random=2282485716&rmt_tld=1&ipr=y
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 25 Sep 2024 11:23:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/
32 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c29f4aa8329445009fa607b6a005621638c7439d7daf0326e82a76a3b5478698

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
32 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b5fd648e2214d8afb704d8b67579aae576eaa9daccb0f47e331ca4b5c6b33cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
32 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2053f71477f6be2b553d6887d8ec732405cc3dab37e4a38773f88905be9fd1ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
31 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8412a91438d1cb0ac3fe552dcaabc822679bfb7c2a891e6ada0054b50023c9e0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
31 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87d6047b1585f41ef29129b65550248afb41c8db38c8ec58e9092a2e14450988

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
31 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9121a86cde60b73ff9fc966fe50e82cc5bdec5121ada9e4b673709aa7bfc8bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e24ed85d9b271f2f0db25ee3a581b55c79db0ce39a64c3e22f50cfd695387804

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
967f5045a9656426f95c058af065b21829e9902932d6c13d2da45b7c0f1f4198

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
71381496d121d8bae879b487b758cdccb4860b3ac06464d67243674c0a875202

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
119eb0464f714cc77fb600d1f2b32eabe30ea231ced396a65053557cab7ed83c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afcc0646ab01e1c308c3f224c1bdb91c866c472d1a0d46814089d7a6a7caa2ea

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b4d881d0f0f7e941373ccb55d6f7a9eaaff379a80208cf91615e5625c599428

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6bd32d489cef4798b5d647a9496a541be4e05577a93cae8aef369011fb238dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
28 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
267afc390ac8fe539e3e9129ce286bc638f68e4437d74bb2f2a25f29c14d5f24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
28 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc92ecb2d22048bf4abc48b20e6d5c30d6b68f4ffd02da940f6813e41db26b36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
28 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da5b35cacf07f6dfc342573ce6bda88315fbe7072599dda526fa7c8de5d16c94

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4785c46cc86f990abcef8f5cf9a8f37744058e2daea7ee0a77a46fb097d24e24

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e38e60534a7d25111a6fb75a8b783f48d17ded29465285a553f20835e2cb1de8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
26 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a30999841f0e63d8c15973686c7b82e5a66031149a6cf67b5f54b91f4fe86aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
26 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db5e19d75a078e8fecbc9a285f89434f4500523366722afba8e6e0963768008a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
26 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d9ed9b1d09ced1e847306ee8c6ba644c5aa17e87ca20ecebaa581217073c7661

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
25 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9680173dd81f045cc0a7989c7972a1eb163068e4a9c06eb0fa714ed296f20c1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
25 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a347052d5d916cd039f5bb03b197c934b9bb7950376e751e032fe738c0cdff81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9225fdf44d20f36954823670674a302e1a7f30eebb64c098f092a63f2a45ca14

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb3112e7467707be2160edc595d624bffd3bdcaf5e46f22a008ada7c0e2efa08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
244f5f9dd5a3e99a7de3f564d8a8ede26e0d090236728166e5d8bc67883a6fae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3a6b821f2f2ab6790ee9c3c93bee36771562d833a1ceca3a073273c17137d90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d761e0f3f3ed4cf13a5c3a1b9efdb916ceb07e8d0323c1e38a8eaf6bad010eb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e110c021a9729bb9b701569a7525ffbd048df1135acf7116894be5d9c1173fff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
22 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8795ca01c30b79248383dc356dca1d204098b2474313fc8ae141d0c6071fdb6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
22 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afb27339f06cb5c77ffd192ba5ba1f292ccff60e81753b9ccfcf187cb4d9506a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3ad6c37f4a97f1889e190933f8332df772f637d1702e1633573fa74bee730e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b099e28416f20d181ae2a9514025831ae48f261f37015b6aebac366bfebac78c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
23 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c9c17dc51e472f75a737523c7c79d9568e959095bd6b11d62cdbadf16c94191

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7044451e431a9d764e4cd152251c223174c7fdfb6d2a3c3583470e1a5ec4f850

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4de27957bc9203291cc93eeabb8f83e007bb98e70c791dad2aecb55f62e1bcd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83ced1f786cbacbfe3252e36af734e7d1edc6845baa4ddabce5245b6389d808f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
25 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bcd48fb50d5461c58e6c1e86477215cb23512bd28cf52373b4affa71b1991b21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
25 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d67cc5d6a3804a2959559e65236973400125cd12ea513a66e2c5dad828fb4a1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
25 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b3fb4fce3dfba22fb73b04361e698b5831924515226b798369b5e5769fbee3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
26 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
026652ff4003ed99360ad4decd820297bc1963817beb70d2aec88b5c253f3abe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
26 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5238e1041a9824ffa71a5ff96255f4ad305555642eedcf418f90854c29d59186

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6225006e8e28fe0d3ef04c24819de0c60c6aca791253b3abe241167f13919beb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
27 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb86fd853de38a03ec1d578acb84bf3432b206edb86557d6a8d909a44c13ddb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
28 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2f0770bb33c5ebede81b4bd313cf32c302eec44e0220f73bd565a7b8059a6d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
28 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6234d78172c8f573fd3ad7608d0a46bc5b240c5b76c7f301866b8a5ae47cc506

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
28 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45dab81ba09699d737359b43a48c4dbef39d07208430df0f5e32f157c5bc5e9c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73039afa7f622f57274714c262b6fe271aef1c8d4930f0cf891fb55e0357e0d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
738b66b8b17a9285722653a8b643cb1df1abb52e6ca0437179ae6b1d4e33eb83

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bdbe34e4f33d116b9f480bee52003db0c3162185b9710914d1619f422c0d8cf9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
29 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fdfbbd3b0982c43d9ddd0801c825990d377c6c42b934a4ebb31f8b6a483c05e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
315bb7d9c4a3b39edcb6e0adcc364c539015fcf2ceec26baefee5bc14404c11d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebbfc1fd9ed80de41fd00313f3e52f8764a1c813473b4bd0872da1159ff0af26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55787677561e8795d8d3eb67884af2d5a45e1c95b6a5807c6186d76e8a78a094

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
30 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7faf196a449b73201aea0e9326a81479a975351409ccc1fe06ec34eef1d94d29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
31 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8f43c8c2386dd8182d47337b70e60d3d00e2c876b68a5622fe31c0bb5ae114c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
31 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9fe6e5f0ac093e5ba35bf4eacad3c0885fb3ff22601398f0631c3e55140beca7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
32 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2557fa52bb90b0ac505b191d15d9ba9f1ee15704664d103a4921447eeb5cc325

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
32 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d8880a5096fa41bc15da1a97ba2b0d66dea2f600f9369f793bcbc249d9edfbae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
truncated
/
32 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
587dac9702205c029d51b6bb33ac9192880ac5dcb2f892cbfdb3eee01cde70f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/jpeg
act
analytics.tiktok.com/api/v2/pixel/
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-19.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://portal.shedrx.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 25 Sep 2024 11:23:58 GMT
server-timing
inner; dur=33, cdn-cache; desc=MISS, edge; dur=9, origin; dur=42
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 25 Sep 2024 11:23:58 GMT
x-akamai-request-id
177b7d2b
access-control-allow-headers
Authorization,*
x-tt-trace-host
010fc4a98d3060c9f26273ece19d3d7a56f20f4420886c57dd7e834329c39c12330b5b5d691b85d45b2cbafd8f1e36e122524e2273612791d5ca8ae602e4e47c0476c7b21a7c72fb557999c6fe2801f0effc25d97e3b35d6ce653f7d7c37aa6ce4
x-origin-response-time
44,23.44.200.156
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-240925112358F651FB54EAE4A4E5ACE2-613381AC959E02C4-00
content-length
0
x-tt-logid
20240925112358F651FB54EAE4A4E5ACE2
server
nginx
controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
js.stripe.com/v3/ Frame 31AF
0
0
Document
General
Full URL
https://js.stripe.com/v3/controller-with-preconnect-b49317380ba8946a72a1bc61bce8261c.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-91.jfk50.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://portal.shedrx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
13
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Wed, 25 Sep 2024 11:23:54 GMT
etag
"b49317380ba8946a72a1bc61bce8261c"
last-modified
Tue, 24 Sep 2024 23:29:04 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 d4b67fda8355378cec4afc079701f8e6.cloudfront.net (CloudFront)
x-amz-cf-id
y4W4BCviGyYY-S92NBHGB6aLpZPYEvkSCE29VAuIhWA4PlxJ74DOfw==
x-amz-cf-pop
JFK50-P2
x-cache
Hit from cloudfront
x-content-type-options
nosniff
267a46e534866870240f1ee2939fc65847584c99a987957059e8c3be1b572580
capig.stape.biz/events/
0
588 B
XHR
General
Full URL
https://capig.stape.biz/events/267a46e534866870240f1ee2939fc65847584c99a987957059e8c3be1b572580
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/assets/index-cf7f9fa6.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.205.45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://portal.shedrx.com/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dg2lNZ5zamNcfCeknoi%2BtqVdV4n%2FEZXPq3GTM7cDkiKN8BCZ8TI0X6zSAIC4yZCvtNnGvQqoHnO%2FgflJ0ASniQJILr8SZUNOC4vVfLntizQy8PeIkO4SwVKG02C%2FwA%2BPAjQ%3D"}],"group":"cf-nel","max_age":604800}
via
1.1 google
cf-ray
8c8aa52bc8c2ab18-YYZ
access-control-allow-origin
https://portal.shedrx.com
content-length
0
date
Wed, 25 Sep 2024 11:23:58 GMT
vary
origin
server
cloudflare
/
www.facebook.com/tr/
0
102 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1356287765275427&ev=PageView&dl=https%3A%2F%2Fportal.shedrx.com%2Flogin%3Fredirect%3D%2F&rl=&if=false&ts=1727263438675&sw=1600&sh=1200&v=2.9.167&r=stable&ec=1&o=4126&fbp=fb.1.1727263438026.94871316832143286&eid=ob3_plugin-set_e4a23df06c0da51b19b276b918cd921f2241cb7105dc6d5fee5c419e999936d3&cs_est=true&ler=empty&cdl=API_unavailable&it=1727263437781&coo=false&rqm=GET
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/login?redirect=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1316, tbw=7011, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 25 Sep 2024 11:23:58 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
1 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1356287765275427&ev=PageView&dl=https%3A%2F%2Fportal.shedrx.com%2Flogin%3Fredirect%3D%2F&rl=&if=false&ts=1727263438675&sw=1600&sh=1200&v=2.9.167&r=stable&ec=1&o=4126&fbp=fb.1.1727263438026.94871316832143286&eid=ob3_plugin-set_e4a23df06c0da51b19b276b918cd921f2241cb7105dc6d5fee5c419e999936d3&cs_est=true&ler=empty&cdl=API_unavailable&it=1727263437781&coo=false&rqm=FGET
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/login?redirect=/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.71.36 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-lga3.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7418539979898442580"}]}, {"max_age":3600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7418539979898442580"}],"group":"network-errors"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0c017762ac128517","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"2":["24:24002125052769521","7830:24002125052769521","10853:24002125052769521","41:24002125052769521","8046:24002125052769521"]},"debug_reporting":true,"debug_key":"16134356136898913"}
date
Wed, 25 Sep 2024 11:23:58 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
eqmdviJb44JNb/ApEUnmv14koBaPgR8suSlX2rJ8XY4vObqlNGLpD8Ar/pNUkjI4j91K6WT3hugXhNtqYGkz2A==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7418539979898442580", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
nel
{"report_to":"network-errors","max_age":3600,"failure_fraction":0.01}
cache-control
private, no-store, no-cache, must-revalidate
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=31, rtx=0, c=10, mss=1316, tbw=7157, tp=-1, tpl=-1, uplat=23, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
pixel
analytics.tiktok.com/api/v2/
0
718 B
Ping
General
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWE3ZGFjMzZkMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.111.19 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-111-19.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://portal.shedrx.com/

Response headers

access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires
Wed, 25 Sep 2024 11:23:58 GMT
server-timing
inner; dur=31, cdn-cache; desc=MISS, edge; dur=8, origin; dur=80
x-cache
TCP_MISS from a23-44-200-156.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
date
Wed, 25 Sep 2024 11:23:58 GMT
x-akamai-request-id
177b7d65
access-control-allow-headers
Authorization,*
x-tt-trace-host
010fc4a98d3060c9f26273ece19d3d7a56f20f4420886c57dd7e834329c39c1233e5fcf7131f1407db7ab07c3fabb7aa2abb25791f2f5f27d6a2331076d433c88860139914bb35905d72dc6fac94254d9612870ce0638d785b885151e79d0e2ceb
x-origin-response-time
81,23.44.200.156
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
access-control-allow-origin
*
x-tt-trace-id
00-240925112358BB765A4D401B2DC1A834-28C96471516BABDF-00
content-length
0
x-tt-logid
20240925112358BB765A4D401B2DC1A834
server
nginx
logo-91c545e0.png
portal.shedrx.com/assets/
20 KB
20 KB
Image
General
Full URL
https://portal.shedrx.com/assets/logo-91c545e0.png
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/login?redirect=/
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
91c545e083ef92c56e4a2d736fb5caf6f55c0a34f910afacd38a29f6db040c6f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31556926

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/login?redirect=/

Response headers

content-encoding
br
etag
"92a21a9574b838a1e9ba8e370582334f3ab0f6045b7a28b035ae5b90dcc67258-br"
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Wed, 25 Sep 2024 11:23:58 GMT
content-type
image/png
last-modified
Fri, 20 Sep 2024 21:21:50 GMT
x-served-by
cache-yyz4582-YYZ
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
strict-transport-security
max-age=31556926
content-security-policy
frame-ancestors 'self';
cache-control
max-age=3600
x-timer
S1727263439.696841,VS0,VE1
accept-ranges
bytes
content-length
20478
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.35 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f3.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portal.shedrx.com
Referer
https://fonts.googleapis.com/

Response headers

age
9842
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 25 Sep 2025 08:39:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 25 Sep 2024 08:39:56 GMT
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
33092
x-xss-protection
0
server
sffe
v3
openfpcdn.io/fingerprintjs/
33 KB
14 KB
Script
General
Full URL
https://openfpcdn.io/fingerprintjs/v3
Requested by
Host: spn.so
URL: https://spn.so/js/v1/app-b27a436f-8f5d-4e47-aa04-66b106226e66.js?28
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-75.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
57281521094dd6fe0d1997e31eab51a203b0f338d39e730d260fdfecce621905
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://portal.shedrx.com
Referer

Response headers

content-encoding
br
etag
W/"hurxpFJ1hzJm8rhSSUCMgpelT2E"
age
7122
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
tuNEioLm4NaFW61h2NMBJuq1nIuZk_GoLyvXwk4FnzQKRnIDCmQpgQ==
date
Wed, 25 Sep 2024 09:25:17 GMT
content-type
text/javascript; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=585002, s-maxage=11156
cross-origin-resource-policy
cross-origin
via
1.1 f7b469bae3f4a6418a1a6a50a32d318c.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
JFK52-P1
server
CloudFront
logo-91c545e0.png
portal.shedrx.com/assets/
20 KB
0
Other
General
Full URL
https://portal.shedrx.com/assets/logo-91c545e0.png
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
91c545e083ef92c56e4a2d736fb5caf6f55c0a34f910afacd38a29f6db040c6f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/login?redirect=/

Response headers

content-security-policy
frame-ancestors 'self';
cache-control
max-age=3600
content-encoding
br
etag
"92a21a9574b838a1e9ba8e370582334f3ab0f6045b7a28b035ae5b90dcc67258-br"
x-timer
S1727263439.696841,VS0,VE1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
content-length
20478
date
Wed, 25 Sep 2024 11:23:58 GMT
content-type
image/png
last-modified
Fri, 20 Sep 2024 21:21:50 GMT
x-served-by
cache-yyz4582-YYZ
x-cache-hits
0
vary
x-fh-requested-host, accept-encoding
/
www.googleadservices.com/pagead/conversion/11094978572/
5 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/11094978572/?random=1727263439686&cv=11&fst=1727263439686&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Flogin%3Fredirect%3D%2F&label=fgkJCJ_PjusYEIzgv6op&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
5c9ba4e697acd0d5cc1339027320e94bdc134984730adf92f9d572e1b0cffb12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2534
date
Wed, 25 Sep 2024 11:23:59 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
11094978572
td.doubleclick.net/td/rul/ Frame AAE2
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/11094978572?random=1727263439686&cv=11&fst=1727263439686&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Flogin%3Fredirect%3D%2F&label=fgkJCJ_PjusYEIzgv6op&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&ct_cookie_present=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-48VEXHF084&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://portal.shedrx.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 25 Sep 2024 11:23:59 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.ca/pagead/1p-conversion/11094978572/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11094978572/?random=1994913384&cv=11&fst=1727263439686&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3...
  • https://www.google.com/pagead/1p-conversion/11094978572/?random=1994913384&cv=11&fst=1727263439686&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=...
  • https://www.google.ca/pagead/1p-conversion/11094978572/?random=1994913384&cv=11&fst=1727263439686&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=1...
42 B
64 B
Image
General
Full URL
https://www.google.ca/pagead/1p-conversion/11094978572/?random=1994913384&cv=11&fst=1727263439686&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Flogin%3Fredirect%3D%2F&label=fgkJCJ_PjusYEIzgv6op&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMItrmK3v3diAMV0DmICR2oxjhtMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3BvcnRhbC5zaGVkcnguY29tLw&is_vtc=1&cid=CAQSKQDpaXnfmHiwdvF6V26-io8uglD1WThzKNR5mU_FKTzeTkRhRUQprcbi&random=311794432&ipr=y
Protocol
H3
Server
142.250.65.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://portal.shedrx.com/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 25 Sep 2024 11:23:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.ca/pagead/1p-conversion/11094978572/?random=1994913384&cv=11&fst=1727263439686&bg=ffffff&guid=ON&async=1&gtm=45je49n0v9100008465za200zb9170879507&gcd=13l3l3l3l1l1&dma=0&tag_exp=101671035&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.shedrx.com%2Flogin%3Fredirect%3D%2F&label=fgkJCJ_PjusYEIzgv6op&hn=www.googleadservices.com&frm=0&tiba=ShedRx&npa=0&pscdl=noapi&auid=1754971873.1727263438&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ec_mode=a&fledge=1&capi=1&data=event%3Dconversion&em=tv.1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAkosZXZlbnQtc291cmNlLCB0cmlnZ2VyLCBub3QtbmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMItrmK3v3diAMV0DmICR2oxjhtMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhpodHRwczovL3BvcnRhbC5zaGVkcnguY29tLw&is_vtc=1&cid=CAQSKQDpaXnfmHiwdvF6V26-io8uglD1WThzKNR5mU_FKTzeTkRhRUQprcbi&random=311794432&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 25 Sep 2024 11:23:59 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-48VEXHF084&gtm=45je49n0v9100008465za200zb9170879507&_p=1727263437401&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101671035&cid=947641375.1727263438&ul=en-ca&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEA&sid=1727263437&sct=1&seg=0&dl=https%3A%2F%2Fportal.shedrx.com%2F&dt=ShedRx&_s=2&tfd=5719
Requested by
Host: portal.shedrx.com
URL: https://portal.shedrx.com/assets/index-cf7f9fa6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://portal.shedrx.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://portal.shedrx.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 25 Sep 2024 11:24:02 GMT
content-type
text/plain
server
Golfe2


51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| dataLayer string| FONT_MONTSERRAT object| google_tag_manager object| google_tag_data function| twq function| rdt function| fbq function| _fbq string| TiktokAnalyticsObject object| ttq function| getQueryParam function| redditNormalizeEmail object| regeneratorRuntime object| twttr function| onYouTubeIframeAPIReady object| gaGlobal object| GooglebQhCsO object| intels string| domain_str function| upfLoadScript object| _upf function| ratag object| _ratagData function| _extends object| TrackdeskObject function| trackdesk object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks string| __reactRouterVersion function| __mp_recorder function| hotkeys function| IMask number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| scriptjsLoadPromise object| webfontloaderPromise object| EF object| webpackChunkStripeJSouter function| noop function| Stripe string| site_url number| evf_adv_id object| _upfSDK

19 Cookies

Domain/Path Name / Value
.capig.stape.biz/events/267a46e534866870240f1ee2939fc65847584c99a987957059e8c3be1b572580 Name: cee
Value: sE0UOTkW116HVGYpGUhHO9F0dCgkp4aWwENwqaOdblk%3D.%7B%7D
.shedrx.com/ Name: _rdt_uuid
Value: 1727263437725.9aea3d0b-91d5-459d-ac7f-d3dff268fb6a
.tiktok.com/ Name: _ttp
Value: 2mYpbqzQMcqPGkKjGVgbwqsgES7
.shedrx.com/ Name: _ga
Value: GA1.1.947641375.1727263438
.shedrx.com/ Name: _gcl_au
Value: 1.1.1754971873.1727263438
.twitter.com/ Name: guest_id_marketing
Value: v1%3A172726343795667881
.twitter.com/ Name: guest_id_ads
Value: v1%3A172726343795667881
.twitter.com/ Name: personalization_id
Value: "v1_m01fc4hpSdrBn8HxtGfg0Q=="
.twitter.com/ Name: guest_id
Value: v1%3A172726343795667881
.t.co/ Name: muc_ads
Value: 2f762b3d-3582-469a-b366-e5efba952141
.t.co/ Name: __cf_bm
Value: oav7GyavlFJpc7O9IxkgzdZ9C.I9XKVixS5r28zh_Ys-1727263437-1.0.1.1-ArMTgLFQlxQ3PM2mC3udAhFs_Rpfz.U6HVs3N9qb6MZYJmB4PHofq8e5nj_nz4fuG2CcYs.flUWtYvlfkwHorQ
.shedrx.com/ Name: _fbp
Value: fb.1.1727263438026.94871316832143286
portal.shedrx.com/ Name: _cids
Value: W10=
.shedrx.com/ Name: _tt_enable_cookie
Value: 1
.shedrx.com/ Name: _ttp
Value: T_RQnKTvBk2UvniAU8c7MSWujmr
.shedrx.com/ Name: mp_15fbb8276511fe104cfc35b37fdf30b9_mixpanel
Value: %7B%22distinct_id%22%3A%20%22%24device%3A19228ec7540392-0150704cd18575-1e462c6f-1d4c00-19228ec7541392%22%2C%22%24device_id%22%3A%20%2219228ec7540392-0150704cd18575-1e462c6f-1d4c00-19228ec7541392%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%7D
portal.shedrx.com/ Name: feathery-user-id-0ac161c2-8d18-4fbf-816b-88f9561e476c
Value: 71e1cba0-4a2b-4c61-a597-2ef41d389987
.shedrx.com/ Name: _ga_48VEXHF084
Value: GS1.1.1727263437.1.1.1727263439.58.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUmDRhxoqm94g9cO8zX_DBJVGDRwwKraKi29vjE_rL2ze6TFsQYaFsgNHDOP

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://portal.shedrx.com/login?redirect=/
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
